83 matches found
CVE-2020-7857
CVE-2020-7857 affects Tobesoft XPlatform prior to version 9.2.2.280. The issue is a command injection caused by insufficient validation of improper classes, allowing an unauthenticated attacker to execute arbitrary commands. Affected component/behavior: the XPlatform platform’s class validation l...
Tobesoft Xplatform 输入验证错误漏洞
Xplatform is a set of Korean Tobesoft application development platform. The platform supports form and composite component inheritance, CSS auto-setting, and multi-document interfaces. A command injection vulnerability exists in XPlatform versions prior to 9.2.2.280. The vulnerability stems from...
Tobesoft Xplatform Code Execution Vulnerability (CNVD-2021-25270)
Tobesoft Xplatform is a set of Korean Tobesoft application development platform. The platform supports form and composite component inheritance, CSS autosetting, and multi-document interfaces. A security vulnerability exists in Tobesoft Xplatform, which stems from an unchecked offset input range...
CVE-2020-7853
An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution...
CVE-2020-7853
An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution...
CVE-2020-7853 TOBESOFT XPLATFORM Out-of-Bounds Read/Write Vulnerabilities
An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution...
CVE-2020-7853
CVE-2020-7853 affects Tobesoft XPLATFORM. The vulnerability arises from an unchecked offset input range enabling out-of-bounds read/write, which can allow an attacker to achieve arbitrary code execution. Public sources (CNVD-2021-25270, CVE records) describe the same issue as an offset-range chec...
Tobesoft Xplatform 缓冲区错误漏洞
Tobesoft Xplatform is a set of Korean Tobesoft application development platform. The platform supports form and composite component inheritance, CSS autosetting, and multi-document interfaces. A security vulnerability exists in Tobesoft Xplatform, which stems from an unchecked offset input range...
Tobesoft Xplatform Input Validation Error Vulnerability
Tobesoft Xplatform is a set of Korean Tobesoft application development platform. The platform supports form and composite component inheritance, CSS autosetting, and multi-document interfaces. TOBESOFT XPLATFORM suffers from an input validation error vulnerability that originates when a command...
CVE-2020-7841
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://...
CVE-2020-7841
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://...
Input validation
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://...
CVE-2020-7841
TOBESOFT XPLATFORM suffers an improper input validation vulnerability that can lead to arbitrary .hta file execution when a command string starts with http://, https://, or mailto://. The CVE-2020-7841 entry is supported by multiple sources (NVD, Red Hat, CNVD) detailing this issue and its high/c...
CVE-2020-7841 TOBESOFT XPLATFORM arbitrary hta file execution vulnerability
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://...
Tobesoft Xplatform 输入验证错误漏洞
Tobesoft Xplatform is a set of Korean Tobesoft application development platform. The platform supports form and composite component inheritance, CSS autosetting, and multi-document interfaces. TOBESOFT XPLATFORM suffers from an input validation error vulnerability that originates when a command...
Tobesoft Xplatform Injection Vulnerability
Tobesoft Xplatform is a set of Korean Tobesoft application development platform. The platform supports form and composite component inheritance, CSS autosetting, and multi-document interfaces. A security vulnerability exists in COMPONENT in TOBESOFT Xplatform 9.2.260 and earlier versions Windows...
CVE-2020-7815
XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. File download vulnerability in COMPONENT of TOBESOFT XPLATFORM allows ATTACKER/ATTACK to caus...
CVE-2020-7815
XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. File download vulnerability in COMPONENT of TOBESOFT XPLATFORM allows ATTACKER/ATTACK to caus...
Design/Logic Flaw
XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. File download vulnerability in COMPONENT of TOBESOFT XPLATFORM allows ATTACKER/ATTACK to caus...
CVE-2020-7815
XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. File download vulnerability in COMPONENT of TOBESOFT XPLATFORM allows ATTACKER/ATTACK to caus...